[
https://issues.apache.org/jira/browse/CLOUDSTACK-8650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14638288#comment-14638288
]
ASF subversion and git services commented on CLOUDSTACK-8650:
-------------------------------------------------------------
Commit 4705d75d4a7fd58def45ec3e70ed5118e0334cf7 in cloudstack's branch
refs/heads/master from [~franklouwers]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=4705d75 ]
CLOUDSTACK-8650: Fix securitygroups ingress FW for protocol any and 0.0.0.0/0
Change way 0.0.0.0/0 + all is handles, as per feedback in Slack channel
Signed-off-by: wilderrodrigues <[email protected]>
> When using security groups, adding an ingress rule for protocol "all" for
> source cidr 0.0.0.0/0 is impossible
> -------------------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-8650
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8650
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Reporter: Frank Louwers
> Priority: Minor
>
> While it is possible to add ingress rules for tcp, udp and icmp for source
> range 0.0.0.0/0, it is currently impossible to add a rule for protocol all
> for source range 0.0.0.0/0.
> So these work (using eg cloudmonkey):
> * authorize securitygroupingress securitygroupid=$id cidrlist="0.0.0.0/0"
> protocol=tcp
> * authorize securitygroupingress securitygroupid=$id cidrlist="0.0.0.0/0"
> protocol=icmp
> * authorize securitygroupingress securitygroupid=$id cidrlist="0.0.0.0/1"
> protocol=all
> * authorize securitygroupingress securitygroupid=$id cidrlist="128.0.0.0/1"
> protocol=all
> But this doesn't work:
> * authorize securitygroupingress securitygroupid=$id cidrlist="0.0.0.0/0"
> protocol=all
> Fix is in https://github.com/apache/cloudstack/pull/601
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
